Security journalist recovers from massive 620Gbps DDoS attack

Security journalist Brian Krebs turned to Project Shield for free protection after an unknown party knocked his website offline last week with a massive distributed denial of service attack (620Gbps of non-stop data) as revenge for exposing two major cyberattack sellers who've since been arrested.

He most recently ticked off allies of vDOS; Krebs wrote about the DDoS-for-hire company, and the two teenagers allegedly behind it were arrested. Some of the POST request attacks included the string “freeapplej4ck,” referring to one of the alleged teenage owners of vDOS.

He's only back online after taking advantage of Google's Project Shield, which protects journalists against censorship-oriented denial of service campaigns.

His previous anti-DDoS provider, Akamai, had little choice but to drop him -- the company tells the Boston Globe that a sustained attack on that level would have cost the company "millions."

The campaign might not have required an elaborate effort, either. Krebs believes that the attackers took advantage of a botnet made up of hacked Internet of Things devices like DVRs, home internet routers and security cameras, many of which have poor or even unchangeable passwords. A larger attack recently played havoc with a French web host using similar tactics. There's also the chance that the culprits used spoofing, which magnifies attacks by tricking machines into sending reply messages to the victim.

To Krebs, the incident highlights the dangers to free speech in the modern era. It's not just that it's relatively trivial to mount a censorship campaign, it's that the cost of defending yourself against that campaign can be prohibitive. One anti-DDoS service estimated that an Akamai-level defense would cost Krebs over $150,000 per year.

“Free speech in the age of the internet is not really free,” Krebs told Ars Technica. “We're long overdue to treat this threat with a lot more urgency. Unfortunately, I just don't see that happening right now.”

Krebs needed to bring his site back up, so he opted for Project Shield, which offers “free, unlimited protection.” The service is built on Google Cloud Platform in order “to protect news sites and free expression from DDoS attacks on the web.”

The free service claims:

“No matter the size of your website or the size of the attack, Project Shield provides free protection for news, journalist, human rights, and elections monitoring sites.”

How could any small-scale news outfit afford that kind of protection? A concerted effort to clamp down on device exploits and block spoofed traffic could be vital not just to improving basic internet security, but to protecting freedom of expression. Countries with a penchant for censorship can easily use these data floods to silence critics, and they might just try so long as it's easy.

Source: Krebs on Security, Boston Globe